Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has released a repository for OT Intrusion Detection Signatures and Analytics to the NSA Cyber GitHub. The capability, known as ELITEWOLF, can enable defenders of critical infrastructure, defense industrial base, and […]
Phishing, the campaigns that are targeting Italy (Pierluigi Paganini, October 12, 2023). This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Particularly popular is so-called brand phishing, […]
The breach occurred due to a social engineering attack targeting an employee, resulting in the theft of customer data including names, email addresses, billing addresses, and credit card expiration dates.
A previously unidentified APT group, known as Grayling, has been targeting a range of organizations spanning the manufacturing, IT, and biomedical sectors in Taiwan since February. The group’s reach has not been confined to Taiwan alone; a Pacific Islands’ government agency and entities in both Vietnam and the U.S. have also been targeted. Diving into […]
Magecart attackers have launched a new covert campaign targeting eCommerce platforms, primarily Magento and WooCommerce. Several victims, some linked to major food and retail organizations, have been ensnared by this sophisticated operation. Unlike previous Magecart attacks, this campaign exhibits advanced evasion techniques that have left many security experts puzzled. Diving into details: Magecart attacks usually […]
Researchers have uncovered a new cyberespionage campaign targeting the telecommunications industry and government organizations across Kazakhstan, Uzbekistan, Pakistan, and Vietnam. The campaign, named Stayin Alive, has been active since 2021 and is possibly the work of a Chinese threat actor called ToddyCat. Infection process: The campaign employs spear-phishing emails and DLL side-loading to deliver archive […]
A credential harvesting campaign is targeting Citrix NetScaler gateways that have not been patched against a recent vulnerability, IBM reports. Tracked as CVE-2023-3519 (CVSS score of 9.8), the vulnerability was disclosed in July, but had been exploited since June 2023, with some of the attacks targeting critical infrastructure organizations. By mid-August, threat actors exploited this […]
Oct 06, 2023, Newsroom, Cyber Attack / Malware: Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor called HyperBro, which is then used as a conduit to deploy the commercial […]
In February 2023, ESET researchers detected a spearphishing campaign targeting a governmental entity in Guyana. While we haven’t been able to link the campaign, which we named Operation Jacana, to any specific APT group, we believe with medium confidence that a China-aligned threat group is behind this incident. In the attack, the operators used a […]